Lucene search

[email protected]CVE-2006-4315

HistoryAug 23, 2006 - 10:04 p.m.

CVE-2006-4315

2006-08-2322:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4315

unquoted windows

ssh tectia

privilege escalation

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under “Program Files” or its subdirectories.

Affected configurations

NVD

Node

sshtectia_clientMatch4.0

sshtectia_clientMatch4.0.1

sshtectia_clientMatch4.0.3

sshtectia_clientMatch4.0.4

sshtectia_clientMatch4.0.5

sshtectia_clientMatch4.2

sshtectia_clientMatch4.2.1

sshtectia_clientMatch4.3

sshtectia_clientMatch4.3.1

sshtectia_clientMatch4.3.1j

sshtectia_clientMatch4.3.2

sshtectia_clientMatch4.3.3

sshtectia_clientMatch4.3.4

sshtectia_clientMatch4.3.5

sshtectia_clientMatch4.3.6

sshtectia_clientMatch4.3.7

sshtectia_clientMatch4.3.8k

sshtectia_clientMatch4.4

sshtectia_clientMatch4.4.1

sshtectia_clientMatch4.4.2

sshtectia_clientMatch4.4.3

sshtectia_clientMatch4.4.4

sshtectia_clientMatch4.4.5

sshtectia_clientMatch5.0

sshtectia_clientMatch5.0.1

sshtectia_connectorMatch5.0

sshtectia_connectorMatch5.0.1

sshtectia_managerMatch1.3

sshtectia_managerMatch1.4

sshtectia_managerMatch2.1.2

sshtectia_serverMatch4.0

sshtectia_serverMatch4.0.3

sshtectia_serverMatch4.0.4

sshtectia_serverMatch4.0.5

sshtectia_serverMatch4.2.1

sshtectia_serverMatch4.3

sshtectia_serverMatch4.3.1

sshtectia_serverMatch4.3.2

sshtectia_serverMatch4.3.3

sshtectia_serverMatch4.3.4

sshtectia_serverMatch4.3.5

sshtectia_serverMatch4.3.6

sshtectia_serverMatch4.3.7

sshtectia_serverMatch4.4

sshtectia_serverMatch4.4.2

sshtectia_serverMatch4.4.3

sshtectia_serverMatch4.4.4

sshtectia_serverMatch4.4.5

sshtectia_serverMatch5.0

sshtectia_serverMatch5.0.1

CPENameOperatorVersion
ssh:tectia_clientssh tectia clienteq4.0
ssh:tectia_clientssh tectia clienteq4.0.1
ssh:tectia_clientssh tectia clienteq4.0.3
ssh:tectia_clientssh tectia clienteq4.0.4
ssh:tectia_clientssh tectia clienteq4.0.5
ssh:tectia_clientssh tectia clienteq4.2
ssh:tectia_clientssh tectia clienteq4.2.1
ssh:tectia_clientssh tectia clienteq4.3
ssh:tectia_clientssh tectia clienteq4.3.1
ssh:tectia_clientssh tectia clienteq4.3.1j

CPE	Name	Operator	Version
ssh:tectia_client	ssh tectia client	eq	4.0
ssh:tectia_client	ssh tectia client	eq	4.0.1
ssh:tectia_client	ssh tectia client	eq	4.0.3
ssh:tectia_client	ssh tectia client	eq	4.0.4
ssh:tectia_client	ssh tectia client	eq	4.0.5
ssh:tectia_client	ssh tectia client	eq	4.2
ssh:tectia_client	ssh tectia client	eq	4.2.1
ssh:tectia_client	ssh tectia client	eq	4.3
ssh:tectia_client	ssh tectia client	eq	4.3.1
ssh:tectia_client	ssh tectia client	eq	4.3.1j

Rows per page:

1-10 of 501

References

securitytracker.com/id?1016743

www.securityfocus.com/bid/19679

www.ssh.com/company/news/2006/english/security/article/775/

exchange.xforce.ibmcloud.com/vulnerabilities/28566

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2006-4315

cvelist1 nvd1